Son of Snoop on Steroids

Visit the new dedicated SOSOS site for more information about SOSOS: http://www.sosos.emmet-gray.com

Background

New:  SOSOS is now available as a complete pre-compiled install package at the sister site: http://www.sosos.emmet-gray.com

SOSOS is still available as Visual Basic “source code”.  That means that you can use Microsoft Visual Studio 2005/2008 to alter the program and recompile the source code to suit your needs.   Luckily, Microsoft provides the Visual Basic Express Edition as a free download at http://msdn.microsoft.com/vstudio/express/vb

SOSOS is completely free of charge.  SOSOS and its source code is considered in the “public domain”.  That means you can do anything you want with it, to include making money from it.  There is no licensing requirement.

SOSOS Features

SOSOS gathers information about PCs including hardware information such as CPU, memory, hard drives, and serial numbers; software information such as operating system, installed software, and software components; configuration information such as IP address, running processes, desktop settings, and services; and security-related information such as shared resources, modems, account policies, security patches, and virus activity.

Note:  SOSOS does not gather any personal information, look at emails, user documents, or track Internet activity.

SOSOS does not have a built-in database… instead it relies on a 3^rd-party database application to store its information.  A database is not absolutely required.  However a lot of SOSOS functions are designed around a database and will be disabled when a database is not configured.

The SOSOS Suite

SOSOS is actually a suite of programs consisting of the following:

SOSOS – the main application (includes all of the features below)
RunSOSOS – a command-line version for unattended gathering of data
PollSOSOS – a command-line version for network scanning
ViewSOSOS – a read-only interface to SOSOS database
ConfigureSOSOS – a setup utility for the SOSOS suite

SOSOS.exe is the “main” application that may be the only application that’s required in a home or small office environment.

In the most common scenario for a corporate environment, the average user may never see the SOSOS program.  The data from their PCs may be gathered by the RunSOSOS program which is designed by default to be “stealthy” and to be run during the login process with no user intervention.

Users can double-click on the SOSOS.exe program to manually scan their PC, save the data, print, or save a report.  Administrators can do more…they can use SOSOS to poll remote PCs for their data.

Running SOSOS

The most common task in SOSOS is to collect data from the local PC.  You perform this function by clicking on the Collect Data button (or from the File/Collect Data menu).  The SOSOS screen will look like the following

Use of SOSOS Data

The true power of SOSOS is in the manipulation of the data that it collects.  The collection of the data by itself isn't all that helpful... but the ability to write queries against the data is a very powerful tool.  This ability to analyze the data is where SOSOS can save an organization time and money.

• IT staff can diagnose network configuration errors
• Security staff can track "points of entry" (modems, shares, abandoned PCs, etc).
• Property book staff can track serial numbers
• Budget staff can use it to help plan major upgrades
• Users can find a CD Burner, Zip drive, or color printer that they can use

Users think our IT staff is psychic, since we can often detect a problem before they are even aware that a problem exists. In other cases, when a user has a problem, we can remotely “snoop” their PC while they are on the phone.

When a new security concern is discovered, we quickly write a query against the SOSOS database or, if required, re-scan our PCs. SOSOS provides a way to answer questions such as:

• How many PCs are missing the latest security patch
• Who has dangerous/inappropriate/illegal software?
• Who has an "open" share on their PC?
• Who is getting errors in the Event logs?
• Who has an account with no password?
• Is everyone using an NTFS partition?
• What's the revision level of the anti-virus software?
• What's the date of the virus signatures?
• Who is getting virus activity?

SOSOS also provides an inventory tracking system that records the brand, model number, and serial number of their PC, and also video monitor and printer information. SOSOS provides a way to keep track of:

• Who has a CD burner, a DVD, a zip drive, etc?
• How many copies of the licensed software are installed?
• What PCs need hardware upgrades, BIOS updates, etc?
• Who is running low on disk space?
• What PCs need operating system/software upgrades?
• Who has a printer like mine? I need to borrow an ink cartridge.
• Hey! Where’d that PC go? (Track by serial number or MAC address)

Related Applications

In addition to the SOSOS suite, there are several other related programs that perform the following functions:

• AlertSOSOS Immediately notifies a list of staff members by instant message and email when conditions such as new virus activity or new disk shares are detected
• BackupSOSOS Archives SQL data into Microsoft Access files
• ErrorLogSOSOS Converts the text-based SOSOS Error Log File into a database
• MgmtConsoleSOSOS A GUI-based management console for SOSOS data
• ProcessSearch Searches the SOSOS database against a list of several hundred known spyware, addware, and Peer to Peer applications
• SoftwareSearch Similar to ProcessSearch, but searches Installed Software

Database Table Listing

The data is stored in the following 43 tables:

Downloads/Links

Download the install package: SetupSOSOS.exe
Download the complete VB.Net source for SOSOS: SOSOS_src.zip
Listing of Related Applications available for download

Last Modified: 13 May 10